List members may, if (and only if) the Security Team grants
+permission, deploy fixed versions during the embargo. Permission for
+deployment, and any restrictions, will be stated in the embargoed
+advisory text.

+

The Security Team will normally permit such deployment, even for
+systems where VMs are managed or used by non-members of the
+predisclosure list. The Security Team will impose deployment
+restrictions only insofar as it is necessary to prevent the exposure
+of technicalities (for example, differences in behaviour) which
+present a significant risk of rediscovery of the vulnerability. Such
+situations are expected to be rare.

NOTE: Prior v2.2 of this policy (25 June 2014) it was
permitted to also make available the allocated CVE number. This is no
longer permitted in accordance with MITRE policy.